File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes JSF and the fly likes Session is created as soon as jsf request is made to launch application in browser Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Java » JSF
Bookmark "Session is created as soon as jsf request is made to launch application in browser " Watch "Session is created as soon as jsf request is made to launch application in browser " New topic
Author

Session is created as soon as jsf request is made to launch application in browser

simranjit singh sandhu
Greenhorn

Joined: Mar 15, 2012
Posts: 8
Hi ,I am making a twitter like application in jsf ,so far i have completed to create new sessions for users ,Then i make code for checking number users online using session listeners,then i encountered a problem that as soon as i request for faces application even for the first time i.e application homepage new session is automatically created.is there any relation b/w starting of jsf application and session creation ?
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16140
    
  21

Welcome to the Javaranch, Simranjit!

An HttpSession object stores login context, but you don't have to be logged in to have a session.

One of JSF's primary features is Managed Beans, where JSF will automatically construct and initialize beans on demand. If the bean in question is in session scope (also View scope in JSF2), then JSF will automatically construct an HttpSession to hold it. Since JSF requires session-scope objects more often than most J2EE frameworks, JSF apps tend to create sessions fairly soon after a user hits the site.

So counting sessions is not a good metric for number of logged-in users. For that, your login process itself is a better place to capture the logged-in user count.

If you're using a DIY login process (which I generally don't recommend), you can simply update a counter when the user logs in. Decrement it from a session destruction listener as the user logs out. If you're using container-managed security, there's no user code for login, but there's a way to detect when a user has just logged in via a ServletFilter.

A good place to maintain the logged-in user counter is in a Managed Bean that's in application scope, since app scope data is shared by all sessions. Just remember to make the counter thread-safe!


Customer surveys are for companies who didn't pay proper attention to begin with.
simranjit singh sandhu
Greenhorn

Joined: Mar 15, 2012
Posts: 8
Thanks !!! but as you have said i am already using session create listener and session destroy listeners to keep track of logged in users . and can you tell me how i can keep track of logged in users using application scoped bean or can i create custom event listeners in login method ?
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16140
    
  21

As I said, you can have a session without being logged in, so a sessioncreatelistener won't do.

There is no such thing as a "login event" or "login method" in J2EE's built-in security system. When you use J2EE standard container-managed security, the login process is part of the server, not part of the application, and the server can't pass a login event to the app because not all security realms guarantee that you "log in" to the application. For example, when using single signon, the login is done once, and that once may have been long before the user requested that particular app.

When using a Do It Yourself Security System, the login works however you designed it to work (which for most people it is to say badly, which is why I discourage DIYSS).

To track logged-in users using an app-scope javabean, make it implement a Set of login IDs or counter, depending on whether or not you want to track actual user IDs or just the total number of signed-on users. Then provide a thread-safe method(s) to call on login and logout that will update that Set or counter.
simranjit singh sandhu
Greenhorn

Joined: Mar 15, 2012
Posts: 8
Thanks !!! your suggestions really helped !!!
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Session is created as soon as jsf request is made to launch application in browser